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In the Claims 

1 . (Currently Amended) A method comprising: 

creating a data structure including a plurality of user id-user key pairs, each 
user id-user key pair comprising a user id associated with one of a plurality of 
users and a user key comprising a master key and a keyed-hash message 
authentication code encrypted using a password associated with the one of the 
plurality of users; and 

delivering the data structure to one or more of the plurality of users. 

2. (Original) A method as recited in claim 1, wherein the act of 
delivering comprises delivering the data structure to each of the plurality of users. 

3. (Original) A method as recited in claim 1, wherein each master key 
is encrypted using a hash of the password associated with the one of the plurality 
of users. 

4. (Original) A method as recited in claim 1, wherein each master key 
is encrypted using a one-way hash of the password associated with the one of the 
plurality of users. 

5. (Original) A method as recited in claim 1, wherein each master key 
is encrypted using a cryptographic hash of the password associated with the one of 
the plurality of users. 
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6. (Originai) A method as recited in claim 1 , wherein each user key has 
an integrity verification feature associated therewith. . 

7. (Original) A method as recited in claim 1, wherein each master key 
has an integrity verification feature associated therewith, 

8. (Currently Amended) A method as recited in claim 1, wherein each 
master key and each mast e r u ser k ey has an integrity verification feature 

associated therewith. 

9. (Original) A method as recited in claim 1, wherein each user key 
includes a checksum. 

10. (Cancel) 

1 1 . (Original) A method as recited in claim 1 , further comprising: 
transforming data using the master key. 

12. (Original) A method as recited in claim 1 , further comprising: 
storing data transformed using the master key; and 

controlling access by the plurality of users to the transformed data. 
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13. (Original) A method as recited in claim 1, further comprising: 
storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; and 
controlling access to the transformed data by the one of the plurality of 
users based on the received user id and user password. 

14. (Original) A method as recited in claim 1, further comprising: 
storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; and 
accessing the transformed data using the received user id and user 
password. 



15. (Currently Amended) A method as recited in claim 1, further 
comprising: 

storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; 
selecting a user key from the data structure based on the received user id; 
decrypting the selected user id ^key u sing the received password to 
reproduce the master key; and 

using the master key to access the data. 
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16. (Currently Amended) A method as recited in claim 1, further 
comprising: 

storing data watermarked using the master key; 

receiving a user id and user password from one of the plurality of users; and 
selecting a user key from the data structure based on the received user id; 
hashing the received password to produce a hash value; 
decrypting the selected user id -key u sing the hash value to reproduce the 
master key; and 

using the master key to access the watermarked data. 

17. (Withdrawn) A method comprising: 

retrieving a user key associated with a first user of a plurality of users from 
a data structure comprising a plurality of user keys, each user key comprising a 
master key encrypted using a password associated with a unique one of the 
plurality of users ; 

decrypting the retrieved user key using a password associated with the first 
user to produce a master key; and 

accessing data using the master key. 

18. (Withdrawn) A method as recited in claim 17, wherein the user key 
is retrieved using a user id associated with the first user. 
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19. (Withdrawn) A method as recited in claim 17, wherein the data 
structure comprises a plurality of user id-user key pairs, each user id-user key pair 
comprising a user id associated with one of a plurality of users and a user key 
associated with the one of the plurality of users. 

20. (Withdrawn) A method as recited in claim 17, wherein the data 
structure comprises a plurality of user id-user key pairs, each user id-user key pair 
comprising a user id associated with one of a plurality of users and a user key 
associated with the one of the plurality of users, and wherein the user key is 
retrieved using a user id associated with the first user. 

21. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the user key comprises decrypting the user key using a hash of the 
password associated with the first user. 

22. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the retrieved user key comprises: 

hashing the password associated with the first user to produce a hash value; 

and 

using the hash value as a decryption key to decrypt the user key. 
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23. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a one-way hash 

function; and 

using the result of the one-way hash function as a decryption key to decrypt 
the user key. 

24. (Withdrawn) A method as recited in claim 17, wherein the act of 
decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a cryptographic 
hash function; and 

using the result of the cryptographic hash function as a decryption key to 
decrj/pt the user key. 

25. (Withdrawn) A method as recited in claim 17, wherein each of the 
plurality of user keys includes a data verification feature. 

26. (Withdrawn) A method as recited in claim 17, wherein each of the 
plurality of master keys includes a data verification feature. 

27. (Withdrawn) A method as recited in claim 17, further comprising: 
verifying the integrity of the retrieved user key. 
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28. (Withdrawn) A method as recited in claim 17, wherein the retrieved 
user key includes an integrity verification feature and wherein the method further 
comprises verifying the integrity of the retrieved user key using the integrity 
verification feature. 

29. (Withdrawn) A method as recited in claim 17, wherein the retrieved 
user key includes a checksum and wherein the method further comprises verifying 
the integrity of the retrieved user key using the checksum. 

30. (Withdrawn) A method as recited in claim 17, wherein the retrieved 
user key includes a message authentication code and wherein the method further 
comprises verifying the integrity of the retrieved user key using the message 
authentication code. 

31. (Withdrawn) A method as recited in claim 17, wherein the retrieved 
user key includes a keyed-hash message authentication code and wherein the 
method further comprises verifying the integrity of the retrieved user key using the 
keyed-hash message authentication code. 
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32. (Currently Amended) A computer readable medium having stored 
thereon a data structure comprising: 

a plurality of user id-user key pairs, each user id-user key pair comprising a 
user id associated with one of a plurality of users and a user key comprising a 
master key and a keyed-hash message authentication code encrypted using a 
password associated with the one of the pliu-ality of users. 

33. (Original) A computer readable medium as recited in claim 32, 
wherein each user key comprises a master key encrypted using a hash of the 
password associated with the one of the plurality of users. 

34. (Original) A computer readable medium as recited in claim 32, 
wherein each user key comprises a master key encrypted using a one-way hash of 
the password associated with the one of the plurality of users. 

35. (Original) A computer readable medium as recited in claim 32, 
wherein each user key comprises a master key encrypted using a cryptographic 
hash of the password associated with the one of the plurality of users. 

36. (Original) A computer readable medium as recited in claim 32, 
wherein each user key includes an integrity verification feature. 

37. (Original) A computer readable medium as recited in claim 32, 
wherein each master key includes an integrity verification feature. 
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38. (Original) A computer readable medium as recited in claim 32, 
wherein each user key includes a checksum. 

39. (Cancel) 

40. (Withdrawn) A system comprising: 

a hashing module operable to hash each of a plurality of user passwords to 
produce a plurality of hash values; 

an encryption module operable to create a plurality of user keys, each user 
key comprising a master key encrypted using one of the hash values as an 
encryption key; and 

a data structure creation module operable to associate each of the user keys 
with a user id in a data structure. 

41. (Withdrawn) A system as defined in claim 40, wherein the hashing 
module produces the hash values using a one-way hashing function. 

42. (Withdrawn) A system as defined in claim 40, wherein the hashing 
module produces the hash values using a cryptographic hashing function. 

43. (Withdrawn) A system as defined in claim 40, wherein the data 

structure creation module associates each user key with a user id in a user id-user 
key pair, and wherein each user id-user key pair is associated with a single user. 
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44. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes an integrity verification feature in each user key. 

45. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes a checksum in each user key. 

46. (Withdrawn) A system as defined in claim 40, wherein the 
encryption module includes a message authentication code in each user key. 

47. (Withdrawn) A system as defined in claim 40, wherem the 
encryption module includes a keyed-hash message authentication code in each 
user key. 

48. (Withdrawn) A system comprising: 

a user key data structure including plurality of user id-user key pairs, each 
user key pair including a user key and a user id associated with one of a plurality 
of users, each user key comprising an encrypted version of a common master key; 

a master key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using a password received fi-om the one of the 
plurality of users. 
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49. (Withdrawn) A system as recited in claim 48, fUrther comprising a 
data decryption module operable to decrypt data encrypted using the master key as 
an encryption key. 

50. (Withdrawn) A system as recited in claims 48, further comprising an 
error handler module operable to indicate to the one of the plurality when an error 
occurs in decrypting the user key. 

51. (Withdrawn) A system as recited in claims 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received firom the one of the 
plurality of users to produce a hash value; and 

a user key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using the hash value as a decryption key. 

52. (Withdrawn) A system as recited in claims 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users using a one-way hashing function to produce a hash value; and 

a user key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using the hash value as a decryption key. 
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53. (Withdrawn) A system as recited in claim 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users using a cryptographic hashing function to produce a hash value; 

and 

a user key decryption module operable to select a user key from the user 
key data structure based on a user id received from one of the plurality of users 
and to decrypt the selected user key using the hash value as a decryption key. 

54. (Withdrawn) A system as recited in claims 48, wherein the master 
key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users to produce a hash value; and 

a user key decryption and integrity module operable to select a user key 
from the user key data structure based on a user id received from one of the 
plurality of users, to confirm the integrity of the selected user id, and to decrypt 
the selected user key using the hash value as a decryption key. 
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55. (Withdrawn) A system as recited in claims 48, wherein each user 
key in the user key data structure includes an integrity verification feature, and 
wherein the master key decryption module comprises: 

a hashing module operable to hash a password received from the one of the 
plurality of users to produce a hash value; and 

a user key decryption and integrity module operable to select a user key 
from the user key data structure based on a user id received from one of the 
plurality of users, to confirm the integrity of the selected user id using the integrity 
verification feature included in the user key, and to decrypt the selected user key 
using the hash value as a decryption key. 

56. (Currently Amended) A system comprising: 

means for producing a user key associated with each of a plurality users, 
each user key comprising a master ke y and a keved-hash message authentication 
code encrypted using a password of the one of the plurality of users associated 
with the user key; and 

means for associating each of the user keys with a user id of the one of the 
plurality of users associated with the user key in a data structure. 
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57. (Currently Amended) A computer-readable medium having stored 
thereon computer executable instructions for performing acts of: 

creating a data structure including a plurality of user id-user key pairs, each 
user id-user key pair comprising a user id associated with one of a plurality of 
users and a user key comprising a master key and a keyed-hash message 
authentication code encrypted using a password associated with die one of the 
plurality of users. 

58. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

delivering the data structure to one or more of the plurality of users. 

59. (Cancel) 

60. (Original) A computer-readable medium as recited in claim 57, 
wherein each master key is encrypted using a hash of the password associated with 
the one of the plurality of users. 

61. (Original) A computer-readable medium as recited in claim 57, 
wherein each master key is encrypted using a one-way hash of the password 
associated with the one of the plurality of users. 
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62. (Original) A computer-readable medium as recited in claim 57, 
wherein each master key is encrypted using a cryptographic hash of the password 
associated with the one of the plurality of users. 

63. (Original) A computer-readable medium as recited in claim 57, 
wherein each user key has an integrity verification feature associated therewith. 

64 (Original) A computer-readable medium as recited in claim 57, 
wherein each user key includes a checksum. 

65. (Original) A computer-readable medium as recited in claim 57, 
wherein each user key includes a keyed-hash message authentication code. 

66. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

transforming data using the master key. 

67. (Original) A computer-readable medium as recited in claim 57 
having fiirther computer executable instructions for performing acts of: 

storing data transformed using the master key; and 

controlling access by the plurality of users to the transformed data. 

68. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 
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storing data transformed using the master key; 

receiving a user id and user password from one of the plurality of users; and 
controlling access to the transformed data by the one of the plurahty of 
users based on the received user id and user password. 



69. (Original) A computer-readable medium as recited in claim 57 
having further computer executable instructions for performing acts of: 

storing data encrypted using the master key; 

receiving a user id and user password from one of the plurality of users; and 
accessing the transformed data using the received user id and user 
password. 

70. (Currently Amended) A computer-readable medium as recited in 
claim 57 having further computer executable instructions for performing acts of: 

storing data encrypted usmg the master key; 

receiving a user id and user password from one of the plurality of users; 
selecting a user key from the data structure based on the received user id; 
decr>pting the selected user M — key u sing the received password to 
reproduce the master key; and 

using the master key to decrypt the data. 
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71. (Currently Amended) A computer-readable medium as recited in 
claim 57 having fiirther computer executable instructions for performing acts of: 

storing data watermarked using the master key; 

receiving a user id and user password from one of the plurality of users; and 
selecting a user key from the data stmcture based on the received user id; 
hashing the received password to produce a hash value; 
decrypting the selected user i4 -key u sing the hash value to reproduce the 
master key; and 

using the master key to access the watermarked data. 

72. (Withdrawn) A computer-readable medium having stored thereon 
computer executable instructions for performing acts of: 

retrieving a user key associated with a first user of a plurality of users from 
a data stmcture comprising a plurality of user keys, each user key comprising a 
master key encrypted using a password associated with a unique one of the 
plurality of users; 

decrypting the retrieved user key using a password associated with the first 

user to produce a master key; and 

accessing data using the master key. 

73. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the user key is retrieved using a user id associated with the first user. 
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74. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the data structure comprises a plurality of user id-user key pairs, each user 
id-user key pair comprising a user id associated with one of a plurality of users 
and a user key associated with the one of the plurality of users. 

75. (Withdrawn) A computer-readable mediixm as recited in claim 72, 
wherein the data structure comprises a plurality of user id-user key pairs, each user 
id-user key pair comprising a user id associated with one of a plurality of users 

and a user key associated with the one of the plurality of users, and wherein the 
user key is retrieved using a user id associated with the first user. 

76. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the user key comprises decrypting the user key using 
a hash of the password associated with the first user. 

77. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the retrieved user key comprises: 

hashing the password associated vwth the first user to produce a hash value; 

and 

using the hash value as a decryption key to decrypt the user key. 
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78. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a one-way hash 

function; and 

using the result of the one-way hash fiinction as a decryption key to decrypt 
the user key. 

79. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the act of decrypting the retrieved user key comprises: 

hashing the password associated with the first user using a cryptographic 
hash fiinction; and 

using the result of the cryptographic hash function as a decryption key to 
decrypt the user key. 

80. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein each of the plurality of user key includes a data verification feature. 

81. (Withdrawn) A computer-readable medium as recited in claim 72 
having further computer executable instructions for performing acts of: 

verifying the integrity of the retrieved user key. 
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82. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes an integrity verification feature and 
wherein the method ftirther comprises verifying the integrity of the retrieved user 
key using the integrity verification feature. 

83. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes a checksum and wherein the method 
further comprises verifying the integrity of the retrieved user key using the 
checksum. 

84. (Withdrawn) A computer-readable mediimi as recited in claim 72, 
wherein the retrieved user key includes a message authentication code and 
wherein the method further comprises verif3mig the integrity of the retrieved user 
key using the message authentication code. 

85. (Withdrawn) A computer-readable medium as recited in claim 72, 
wherein the retrieved user key includes a keyed-hash message authentication code 
and wherein the method further comprises verifying the integrity of the retrieved 
user key using the keyed-hash message authentication code. 
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